Low numbers to test JWT refresh
@@ -1,6 +1,7 @@
|
|||||||
Server:
|
Server:
|
||||||
Auth:
|
Auth:
|
||||||
Make sure autorenew works
|
Make sure autorenew works
|
||||||
|
Make sure rate limiting isnt being broken by cloudflare
|
||||||
|
|
||||||
Auth-Key-Value-Storage:
|
Auth-Key-Value-Storage:
|
||||||
Build and connect driver for Key Value storage hosted on Auth.Mistox.Com/api/db/
|
Build and connect driver for Key Value storage hosted on Auth.Mistox.Com/api/db/
|
||||||
|
|||||||
@@ -18,7 +18,7 @@ namespace BoredCareers.Controllers {
|
|||||||
Secure = true,
|
Secure = true,
|
||||||
HttpOnly = true,
|
HttpOnly = true,
|
||||||
SameSite = SameSiteMode.Strict,
|
SameSite = SameSiteMode.Strict,
|
||||||
Expires = DateTime.UtcNow.AddDays(7)
|
Expires = DateTime.UtcNow.AddYears(1)
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
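Review bot: The one-year cookie lifetime in `Expires = DateTime.UtcNow.AddYears(1)` is a bare literal with no comment, and the same value appears again in the refresh middleware added to the startup file in this commit. With a persistent cookie this long-lived, session expiry rests entirely on server-side validation of the JWT's `exp` claim, so that dependency should be stated next to the option, for example `// Cookie lifetime only; the session is bounded by the JWT exp claim, which the server must validate.` Moving the value into one shared constant would keep the two places from drifting apart. The commit title suggests these are test values, so a TODO marking the value as temporary would also help; the enclosing method starts outside the hunk, so which cookie this is can only be inferred.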
+28
-11
@@ -128,17 +128,6 @@ builder.Services.AddAuthentication(options => {
|
|||||||
OnMessageReceived = context => {
|
OnMessageReceived = context => {
|
||||||
context.Token = context.Request.Cookies["mistox_session"];
|
context.Token = context.Request.Cookies["mistox_session"];
|
||||||
return Task.CompletedTask;
|
return Task.CompletedTask;
|
||||||
},
|
|
||||||
OnTokenValidated = context => {
|
|
||||||
var jwtToken = context.SecurityToken as JwtSecurityToken;
|
|
||||||
if (jwtToken != null) {
|
|
||||||
var exp = jwtToken.ValidTo;
|
|
||||||
var now = DateTime.UtcNow;
|
|
||||||
if ((exp - now) < TimeSpan.FromDays(3)) {
|
|
||||||
// Impliment token refresh
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return Task.CompletedTask;
|
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
@@ -206,6 +195,34 @@ app.UseCors();
|
|||||||
app.UseRouting();
|
app.UseRouting();
|
||||||
|
|
||||||
app.UseAuthentication();
|
app.UseAuthentication();
|
||||||
|
|
||||||
|
app.Use(async (context, next) =>{
|
||||||
|
ClaimsPrincipal user = context.User;
|
||||||
|
if (user.Identity?.IsAuthenticated == true) {
|
||||||
|
string? token = context.Request.Cookies["mistox_session"];
|
||||||
|
Claim? expClaim = user.FindFirst(JwtRegisteredClaimNames.Exp);
|
||||||
|
if (expClaim != null && long.TryParse(expClaim.Value, out long expUnix)) {
|
||||||
|
DateTimeOffset expTime = DateTimeOffset.FromUnixTimeSeconds(expUnix);
|
||||||
|
if ((expTime - DateTimeOffset.UtcNow) < TimeSpan.FromMinutes(2)) {
|
||||||
|
IHttpClientFactory clientFactory = context.RequestServices.GetRequiredService<IHttpClientFactory>();
|
||||||
|
HttpClient client = clientFactory.CreateClient();
|
||||||
|
HttpResponseMessage response = await client.PostAsync("https://auth.mistox.com/api/auth/renew", new StringContent(token));
|
||||||
|
if (response.IsSuccessStatusCode) {
|
||||||
|
string newJwt = await response.Content.ReadAsStringAsync();
|
||||||
|
context.Response.Cookies.Append("mistox_session", newJwt, new CookieOptions {
|
||||||
|
HttpOnly = true,
|
||||||
|
Secure = true,
|
||||||
|
SameSite = SameSiteMode.Strict,
|
||||||
|
Expires = DateTimeOffset.UtcNow.AddYears(1)
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
await next();
|
||||||
|
});
|
||||||
|
|
||||||
app.MapControllers();
|
app.MapControllers();
|
||||||
|
|
||||||
app.MapFallbackToFile("index.html");
|
app.MapFallbackToFile("index.html");
|
||||||
|
|||||||
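Review bot: In the new `app.Use` middleware the body returned by the renew call is copied into the `mistox_session` cookie without any check that it is a token, and the `PostAsync` has no error handling or cancellation token. An outage or slow response from the auth service would therefore fail or stall every authenticated request that falls inside the renewal window, and a 200 response with an unexpected body would overwrite a still-valid session cookie. `token` is declared `string?` and is passed to `new StringContent(token)` unguarded. I would treat renewal as best effort, pass `context.RequestAborted`, and at least confirm the response parses as a JWT before storing it. Note that `CanReadToken` is a format check only, and this assumes `JwtSecurityTokenHandler` is in scope as `JwtSecurityToken` was in the removed handler. The 2-minute threshold reads as a test value per the commit title and deserves a TODO.

```csharp
if (!string.IsNullOrEmpty(token) && (expTime - DateTimeOffset.UtcNow) < TimeSpan.FromMinutes(2)) {
    // … unchanged: resolve IHttpClientFactory and create the client …
    try {
        using HttpResponseMessage response = await client.PostAsync(
            "https://auth.mistox.com/api/auth/renew", new StringContent(token), context.RequestAborted);
        if (response.IsSuccessStatusCode) {
            string newJwt = await response.Content.ReadAsStringAsync(context.RequestAborted);
            // Format check only; it does not verify the signature.
            if (new JwtSecurityTokenHandler().CanReadToken(newJwt)) {
                // … unchanged: Response.Cookies.Append("mistox_session", newJwt, …) …
            }
        }
    } catch (Exception ex) when (ex is HttpRequestException or TaskCanceledException) {
        // Renewal is best effort: keep serving the request with the current token.
    }
}
```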